I'm using 11.4.1 and have been tasked with adding additional protection to public facing pages that contain a form that when submitted sends emails. We get a lot of complaints when those pages are scanned and a huge number of emails are sent throughout the company. We are looking for a solution that can be applied for all pages that have this action instead of putting this protection into each website.
My initial thought on this was to use the DoS Profile setup for TPS-based Anomaly. However this is applied on a virtual server level and will therefor apply to every page on that server. My preference is to only apply this to the public facing email forms without applying rate limiting across the entire site which could break customer processes.
I was hoping this would be as easy as using an LTM policy to turn on and off the DoS Profile per URL, but it doesn't look like that functionality is available.
Is there any way of either applying the DoS Profile based on the URL? If not, is there a way to send specific URLs to a specific virtual server which I could then setup just to manage the email page and have the DoS Profile applied? Any other ways of doing rate limiting in the F5.
I realize that doing rate limiting on the websites or servers themselves would be best, but getting developers to update websites for changes like this is like herding narcoleptic cats.
a local traffic policy (Local Traffic ›› Policies : Policy List) should be able to do this. only at specific urls enable the l7dos profile.